---------- | AdsFix | g3n-h@ckm@n | V4_13.05.17.2
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits
----- Start 00:09:36 - 16/05/2017

Mis a jour le : 13/05/2017 | 07.55 (GMT) par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware

C:\Users\Gabriel\Desktop\AdsFix.exe
Boot: Normal boot
[Gabriel (Administrator)] - [GABREUIL] - (France [040C])
SID = S-1-5-21-552044328-3225882586-3653238893-1002 || [4761627269656c205e5e]

PC : ASUSTeK COMPUTER INC. - N750JK - ASUS-NotebookSKU
Processor : X64 - 2394 - Intel(R) Core(TM) i7-4700HQ CPU @ 2.40GHz
Bios : American Megatrends Inc. - 05/21/2014 - V.N750JK.203
CoreTemp : 67 C
CPU #1 value:0 %
CPU #2 value:9 %
CPU #3 value:0 %
CPU #4 value:3 %
CPU #5 value:0 %
CPU #6 value:9 %
CPU #7 value:0 %
CPU #8 value:9 %
Total Overall CPU Usage value:2 %
Systeme : Windows 10 Home (64 bits) Core
Memoire RAM = Total (MB) : 16658 | Libre (MB) : 13903
Pagefile = Total (MB) : 19148 | Libre (MB) : 16422
Virtuelle = Total (MB) : 4194 | Libre (MB) : 3876

C:\ -> [Fixed] | [OS] | Total : 95.39 Go | Free : 18.93 Go -> NTFS (SSD) [SATA]
D:\ -> [Fixed] | [Jeux] | Total : 121.98 Go | Free : 38.57 Go -> NTFS (SSD) [SATA]
E:\ -> [Fixed] | [Data1] | Total : 465.75 Go | Free : 89.88 Go -> NTFS [SATA]
F:\ -> [Fixed] | [Data2] | Total : 465.76 Go | Free : 295.37 Go -> NTFS [SATA]

Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [16.05.2017 @ 00_09_34]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"

---------- | Mises a jour Windows

Windows Is Activated Possible Fixed Windows

---------- | Navigateurs

IE : 11.0.15063.0 (© Microsoft Corporation. Tous droits réservés.)
FF : 53.0.2.6333 (©Firefox and Mozilla Developers; available under the MPL 2 license.)
GC : 58.0.3029.110 (Copyright 2016 Google Inc. All rights reserved.)
MS-Edge : 11.0.15063.250 (© Microsoft Corporation. All rights reserved.)

---------- | Security (atcav : 0)

AV : Windows Defender Disabled
FW :
WMI : OK
WU: Windows Update Service [Manual(3)] = non en cours
AS: Windows Defender [Manual(3)] = non en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours

---------- | FlashPlayer

ActiveX : 25.0.0.171
Plugin : 25.0.0.171

---------- | Processes closed

540 | [Owner : UMFD-0 |Parent : 908(wininit.exe)] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.15063.138) = C:\Windows\System32\fontdrvhost.exe
1136 | [Owner : UMFD-1 |Parent : 1076(winlogon.exe)] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.15063.138) = C:\Windows\System32\fontdrvhost.exe
1712 | [Owner : Système |Parent : 988(services.exe)] - (.NVIDIA Corporation - NVIDIA Container.) - (1.2.0.0) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
1916 | [Owner : Système |Parent : 1712()] - (.NVIDIA Corporation - NVIDIA Container.) - (1.2.0.0) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
1788 | [Owner : Système |Parent : 988(services.exe)] - (.Intel Corporation - igfxCUIService Module.) - (6.15.10.4549) = C:\Windows\System32\igfxCUIService.exe
2772 | [Owner : Système |Parent : 988(services.exe)] - (.ASUSTek Computer Inc. - ASLDR Service.) - (1.0.78.4) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
2780 | [Owner : Système |Parent : 988(services.exe)] - (.AVAST Software - Avast Service.) - (17.4.3482.0) = C:\Program Files\AVAST Software\Avast\AvastSvc.exe
2844 | [Owner : Système |Parent : 988(services.exe)] - (.ASUS - GFNEXSrv.) - (1.0.11.1) = C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
2412 | [Owner : Système |Parent : 988(services.exe)] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.15063.0) = C:\Windows\System32\spoolsv.exe
3880 | [Owner : Système |Parent : 988(services.exe)] - (.Apple Inc. - MobileDeviceService.) - (17.374.913.1) = C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
3904 | [Owner : Système |Parent : 988(services.exe)] - (.Autodesk Inc. - Autodesk Application Manager.) - (5.0.142.14) = C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
3912 | [Owner : SERVICE LOCAL |Parent : 3692(svchost.exe)] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.15063.0) = C:\Windows\System32\dasHost.exe
3924 | [Owner : Système |Parent : 988(services.exe)] - (.Apple Inc. - Bonjour Service.) - (3.1.0.1) = C:\Program Files\Bonjour\mDNSResponder.exe
3940 | [Owner : Système |Parent : 988(services.exe)] - (.ASUS - ASUS InstantOn Program.) - (2.3.1.1) = C:\Program Files\ASUS\P4G\InsOnSrv.exe
3972 | [Owner : Système |Parent : 988(services.exe)] - (.NVIDIA Corporation - NVIDIA Container.) - (1.3.2180.8799) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
4012 | [Owner : SERVICE RÉSEAU |Parent : 988(services.exe)] - (.NVIDIA Corporation - NVIDIA Container.) - (1.4.2200.3632) = C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
4040 | [Owner : Système |Parent : 988(services.exe)] - (.ELAN Microelectronics Corp. - Elan Service.) - (11.10.8.3) = C:\Program Files\Elantech\ETDService.exe
4048 | [Owner : Système |Parent : 988(services.exe)] - (.Dropbox, Inc. - Dropbox Service.) - (1.0.22.0) = C:\Windows\System32\DbxSvc.exe
3068 | [Owner : Système |Parent : 988(services.exe)] - (.Atheros - Atheros Coex Service Application.) - (8.0.0.270) = C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
3148 | [Owner : Système |Parent : 988(services.exe)] - (.TunnelBear - TBear.Maintenance.) - (1.0.15.0) = C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe
3556 | [Owner : Système |Parent : 988(services.exe)] - (.- Intel(R) System Usage Report.) - (2.0.0.1901) = C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
4100 | [Owner : Système |Parent : 988(services.exe)] - (.Microsoft Corporation - Windows Security Health Service.) - (4.11.15063.0) = C:\Windows\System32\SecurityHealthService.exe
4108 | [Owner : Système |Parent : 988(services.exe)] - (.Wondershare - Wondershare AppService.) - (2.3.1.204) = C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe
2640 | [Owner : Système |Parent : 2772()] - (.ASUSTek Computer Inc. - HControl.) - (1.0.78.8) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
7128 | [Owner : Gabriel |Parent : 988(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.15063.0) = C:\Windows\System32\svchost.exe
6440 | [Owner : Gabriel |Parent : 988(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.15063.0) = C:\Windows\System32\svchost.exe
7204 | [Owner : Gabriel |Parent : 1424(svchost.exe)] - (.ASUSTek Computer Inc. - ASUS USB Charger Plus.) - (3.1.7.0) = C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
7228 | [Owner : Gabriel |Parent : 1424(svchost.exe)] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.15063.0) = C:\Windows\System32\taskhostw.exe
7272 | [Owner : Gabriel |Parent : 1424(svchost.exe)] - (.ASUSTek Computer Inc. - ASUS Console Starter.) - (1.0.0.0) = C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe
7328 | [Owner : Gabriel |Parent : 1424(svchost.exe)] - (.ASUS - Power4Gear Hybrid.) - (2.2.0.0) = C:\Program Files\ASUS\P4G\BatteryLife.exe
7420 | [Owner : Système |Parent : 3940()] - (.ASUS - ASUS InstantOn Program.) - (3.0.7.0) = C:\Program Files\ASUS\P4G\InsOnWMI.exe
7728 | [Owner : Gabriel |Parent : 4040()] - (.ELAN Microelectronics Corp. - ETD Control Center.) - (11.66.8.7) = C:\Program Files\Elantech\ETDCtrl.exe
8156 | [Owner : Système |Parent : 2640()] - (.ASUSTek Computer Inc. - KBFiltr.) - (1.0.67.1) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
7712 | [Owner : Système |Parent : 7256()] - (.Google Inc. - Google Crash Handler.) - (1.3.33.5) = C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
7760 | [Owner : Gabriel |Parent : 7616()] - (.ASUSTek Computer Inc. - ATKOSD2.) - (7.0.28.1) = C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
7504 | [Owner : Gabriel |Parent : 7968(explorer.exe)] - (.ASUSTek Computer Inc. - ATK Media.) - (2.0.16.3) = C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
7476 | [Owner : Système |Parent : 7256()] - (.Google Inc. - Google Crash Handler.) - (1.3.33.5) = C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
6744 | [Owner : SERVICE LOCAL |Parent : 988(services.exe)] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.8795) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
8272 | [Owner : Gabriel |Parent : 8240()] - (.Intel Corporation - igfxEM Module.) - (6.15.10.4549) = C:\Windows\System32\igfxEM.exe
8324 | [Owner : Gabriel |Parent : 8240()] - (.Intel Corporation - igfxHK Module.) - (6.15.10.4549) = C:\Windows\System32\igfxHK.exe
8444 | [Owner : Gabriel |Parent : 8240()] - (.-.) - (0.0.0.0) = C:\Windows\System32\igfxTray.exe
9104 | [Owner : Gabriel |Parent : 520(svchost.exe)] - (.Microsoft Corporation - Runtime Broker.) - (10.0.15063.0) = C:\Windows\System32\RuntimeBroker.exe
9700 | [Owner : Gabriel |Parent : 8888()] - (.AsusTek - ASUS Smart Gesture Loader.) - (1.0.51.0) = C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
12204 | [Owner : Gabriel |Parent : 1916()] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.8205) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
8028 | [Owner : Gabriel |Parent : 9700()] - (.AsusTek - ASUS Smart Gesture Center.) - (1.0.0.87) = C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
2416 | [Owner : Gabriel |Parent : 8028()] - (.AsusTek - ASUS Smart Gesture Helper.) - (1.0.22.0) = C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
460 | [Owner : Gabriel |Parent : 7968(explorer.exe)] - (.Microsoft Corporation - Windows Defender notification icon.) - (4.11.15063.0) = C:\Program Files\Windows Defender\MSASCuiL.exe
5808 | [Owner : Gabriel |Parent : 7968(explorer.exe)] - (.Logitech Inc. - Logitech Gaming Framework.) - (8.57.145.0) = C:\Program Files\Logitech Gaming Software\LCore.exe
1260 | [Owner : Gabriel |Parent : 12200()] - (.Piriform Ltd - CCleaner.) - (5.29.0.6033) = C:\Program Files\CCleaner\CCleaner64.exe
3708 | [Owner : Gabriel |Parent : 9736()] - (.Oracle Corporation - Java Update Scheduler.) - (2.8.131.11) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
13564 | [Owner : Gabriel |Parent : 1424(svchost.exe)] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.258) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
13400 | [Owner : Gabriel |Parent : 1424(svchost.exe)] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.258) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
13912 | [Owner : Gabriel |Parent : 1424(svchost.exe)] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.1056) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
9884 | [Owner : Système |Parent : 988(services.exe)] - (.Intel Corporation - Intel(R) ME Service.) - (9.5.10.1628) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
3408 | [Owner : Système |Parent : 988(services.exe)] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (9.5.12.1682) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
2864 | [Owner : Système |Parent : 988(services.exe)] - (.Intel Corporation - Intel(R) Local Management Service.) - (9.5.10.1628) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
2256 | [Owner : Gabriel |Parent : 988(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.15063.0) = C:\Windows\System32\svchost.exe
2552 | [Owner : Gabriel |Parent : 3368()] - (.Node.js - NVIDIA Web Helper Service.) - (6.9.5.0) = C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
4960 | [Owner : Gabriel |Parent : 520(svchost.exe)] - (.Microsoft Corporation - InstallAgent.) - (10.0.15063.296) = C:\Windows\System32\InstallAgent.exe
10028 | [Owner : Gabriel |Parent : 520(svchost.exe)] - (.Microsoft Corporation - InstallAgentUserBroker.) - (10.0.15063.296) = C:\Windows\System32\InstallAgentUserBroker.exe
2440 | [Owner : Gabriel |Parent : 520(svchost.exe)] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.15063.250) = C:\Windows\System32\SettingSyncHost.exe
7264 | [Owner : Gabriel |Parent : 1424(svchost.exe)] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.15063.0) = C:\Windows\System32\taskhostw.exe
8520 | [Owner : Gabriel |Parent : 520(svchost.exe)] - (.Microsoft Corporation - System Settings Broker.) - (10.0.15063.0) = C:\Windows\System32\SystemSettingsBroker.exe
11112 | [Owner : Gabriel |Parent : 520(svchost.exe)] - (.Microsoft Corporation - SmartScreen.) - (10.0.15063.0) = C:\Windows\System32\smartscreen.exe
10304 | [Owner : Gabriel |Parent : 520(svchost.exe)] - (.Microsoft Corporation - Application Frame Host.) - (10.0.15063.0) = C:\Windows\System32\ApplicationFrameHost.exe
11996 | [Owner : Gabriel |Parent : 1424(svchost.exe)] - (.ASUSTeK Computer Inc. - ASUS Live Update.) - (3.3.7.1) = C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
556 | [Owner : SERVICE RÉSEAU |Parent : 988(services.exe)] - (.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) - (10.0.15063.0) = C:\Windows\System32\sppsvc.exe

---------- | Tasks

Suppression : USER_ESRV_SVC_QUEENCREEK

---------- | Services

---------- | AppCertDlls | AppInit_DLLs

---------- | DNSapi.dll

C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts
C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts

---------- | Hosts

Suppression : # Start of entries inserted by Spybot - Search & Destroy
Suppression : # End of entries inserted by Spybot - Search & Destroy

---------- | SafeBoot

---------- | Winsock

---------- | DNS

---------- | Registre

Suppression : HKU\S-1-5-21-552044328-3225882586-3653238893-1002\SOFTWARE\Classes\ChromiumHTM.CZVLXHRKSXYRN6FPVUELAMCIYM : Chromium HTML Document
Suppression : HKLM\SOFTWARE\Classes\.sds : Spybot2.SDSFile
Suppression : HKLM\SOFTWARE\Classes\AcPEXCtl.AcPePropertyEditorTextEx.16 : AcPePropertyEditorTextEx Class
Suppression : HKLM\SOFTWARE\Classes\AppID\SoftwareUpdate.exe : #
Suppression : HKLM\SOFTWARE\Classes\AppID\{6A070EEA-E3F8-411E-9D3A-F3814ED6D1A8} : SoftwareUpdateApp #
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\.sdsb : Spybot2.SDSBFile
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\AppID\SoftwareUpdateAdmin.DLL : #
Suppression : HKLM\SOFTWARE\Classes\CLSID\{8355614D-DC16-4A84-AF66-758E4CA4FE14} : AcPEXCtl.arx
Suppression : HKLM\SOFTWARE\Classes\TypeLib\{0EBA0E45-D7DC-4FDD-AE3B-0D33687B4F6A}
Suppression : HKLM\SOFTWARE\Classes\TypeLib\{4B0AB3E1-80F1-11cf-86B4-444553540000}
Suppression : HKLM\SOFTWARE\Classes\TypeLib\{580BAB46-5FFE-4917-84D7-BE06AF20A544} : AdDwfPdkEPlotRenderer.dll
Suppression : HKLM\SOFTWARE\Classes\TypeLib\{5947EFF4-5EF5-4C8A-81EC-1B9AEFE54372} : C:\WINDOWS\Downloaded Program Files\IDrop.ocx
Suppression : HKLM\SOFTWARE\Classes\TypeLib\{6A3A9A35-66F5-46BB-9610-78D36E7FDC03} : AdDwfPdkEPlotCore.dll
Suppression : HKLM\SOFTWARE\Classes\TypeLib\{7A1E22D4-0CD5-41ED-87D6-B80AF465A1B4} : AdDwfPdkEPlotCommon.dll
Suppression : HKLM\SOFTWARE\Classes\TypeLib\{A4081F53-974E-479E-A26E-E6DE9A5B2489} : vl16.tlb
Suppression : HKLM\SOFTWARE\Classes\TypeLib\{BDD3FC77-4DC9-4118-9E1C-42CB0C6A93B8} : AdDwfPdkCommon.dll
Suppression : HKLM\SOFTWARE\Classes\TypeLib\{C12BB633-E453-494A-8D44-B2DE30F2CB8D} : C:\WINDOWS\Downloaded Program Files\IDropx64.ocx
Suppression : HKLM\SOFTWARE\Classes\TypeLib\{C6CD8C86-D344-453F-B3B0-6BE8A61B5A9F} : Inventor Server\Bin\AcIvServerHost.exe
Suppression : HKLM\SOFTWARE\Classes\TypeLib\{F4B43528-68EA-4c29-8A18-6FBD8E3C24C4}
Suppression : HKLM\SOFTWARE\Classes\Interface\{13A33026-7454-4A02-824A-BF174395FC0B} : {C6CD8C86-D344-453F-B3B0-6BE8A61B5A9F}
Suppression : HKLM\SOFTWARE\Classes\Interface\{38FB4290-9DF6-11D1-B032-00C04FD7EC47} : {4B0AB3E1-80F1-11CF-86B4-444553540000}
Suppression : HKLM\Software\Classes\WOW6432Node\Interface\{38FB4290-9DF6-11D1-B032-00C04FD7EC47} : {4B0AB3E1-80F1-11CF-86B4-444553540000}
Suppression : HKLM\SOFTWARE\Classes\Interface\{78DDA113-8095-4978-AB21-6D7EBCC0C8EF} : {C12BB633-E453-494A-8D44-B2DE30F2CB8D}
Suppression : HKLM\SOFTWARE\Classes\Interface\{7CA9DE40-9EB3-11D1-B033-00C04FD7EC47} : {4B0AB3E1-80F1-11CF-86B4-444553540000}
Suppression : HKLM\Software\Classes\WOW6432Node\Interface\{7CA9DE40-9EB3-11D1-B033-00C04FD7EC47} : {4B0AB3E1-80F1-11CF-86B4-444553540000}
Suppression : HKLM\SOFTWARE\Classes\Interface\{8A15A9BC-4A6D-4D00-A829-45E330205ED9} : {C12BB633-E453-494A-8D44-B2DE30F2CB8D}
Suppression : HKLM\SOFTWARE\Classes\Interface\{9077D1E1-8959-11CF-86B4-444553540000} : {4B0AB3E1-80F1-11CF-86B4-444553540000}
Suppression : HKLM\Software\Classes\WOW6432Node\Interface\{9077D1E1-8959-11CF-86B4-444553540000} : {4B0AB3E1-80F1-11CF-86B4-444553540000}
Suppression : HKLM\SOFTWARE\Classes\Interface\{90CED625-8D78-11CF-86B4-444553540000} : {4B0AB3E1-80F1-11CF-86B4-444553540000}
Suppression : HKLM\Software\Classes\WOW6432Node\Interface\{90CED625-8D78-11CF-86B4-444553540000} : {4B0AB3E1-80F1-11CF-86B4-444553540000}
Suppression : HKLM\SOFTWARE\Classes\Interface\{9414F179-C905-11d1-92CC-00600808FC44} : {4B0AB3E1-80F1-11cf-86B4-444553540000}
Suppression : HKLM\Software\Classes\WOW6432Node\Interface\{9414F179-C905-11d1-92CC-00600808FC44} : {4B0AB3E1-80F1-11cf-86B4-444553540000}
Suppression : HKLM\SOFTWARE\Classes\Interface\{B249C0B0-A004-11D1-B036-00C04FD7EC47} : {4B0AB3E1-80F1-11CF-86B4-444553540000}
Suppression : HKLM\Software\Classes\WOW6432Node\Interface\{B249C0B0-A004-11D1-B036-00C04FD7EC47} : {4B0AB3E1-80F1-11CF-86B4-444553540000}
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{061434FC-C810-4EEF-921B-8FE170CFFC38} : {5947EFF4-5EF5-4C8A-81EC-1B9AEFE54372}
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{185F0748-8AD5-4CC8-8787-D84AD878EEBC} : {5947EFF4-5EF5-4C8A-81EC-1B9AEFE54372}
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{90CED626-8D78-11CF-86B4-444553540000} : {4B0AB3E1-80F1-11CF-86B4-444553540000}
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B249C0B1-A004-11D1-B036-00C04FD7EC47} : {4B0AB3E1-80F1-11CF-86B4-444553540000}
Suppression : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Spybot - Search & Destroy 2
Suppression : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\SystemUsageReportSvc
Suppression : [HKU\S-1-5-21-552044328-3225882586-3653238893-1002\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe]
Suppression : [HKU\S-1-5-21-552044328-3225882586-3653238893-1002\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Spybot - Search & Destroy 2\SDSettings.exe]
Suppression : [HKU\S-1-5-21-552044328-3225882586-3653238893-1002\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Yahoo!\yset\{B45DA67A-8C78-5145-990B-232C99D1F7F9}\unset.exe]
Suppression : [HKU\S-1-5-21-552044328-3225882586-3653238893-1002\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe]
Suppression : [HKU\S-1-5-21-552044328-3225882586-3653238893-1002\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Spybot - Search & Destroy 2\unins000.exe]
Suppression : HKU\S-1-5-18\SOFTWARE\AI_RecycleBin
Suppression : HKU\S-1-5-21-552044328-3225882586-3653238893-1002\SOFTWARE\Chromium
Suppression : HKU\S-1-5-21-552044328-3225882586-3653238893-1002\Software\Clients\StartMenuInternet\Chromium.CZVLXHRKSXYRN6FPVUELAMCIYM
Suppression : HKLM\SOFTWARE\Wow6432Node\SuppHelpDir
Suppression : HKU\S-1-5-18\SOFTWARE\Nico Mak Computing
Suppression : HKU\S-1-5-21-552044328-3225882586-3653238893-1002\SOFTWARE\Nico Mak Computing
Suppression : HKLM\SOFTWARE\WOW6432Node\Safer Networking Limited
Suppression : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] : {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Suppression : HKU\S-1-5-21-552044328-3225882586-3653238893-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5ADCBE85-BF79-4D4A-850F-34DCA23AE379} : https://fr.search.yahoo.com/favicon.ico
Suppression : [HKU\S-1-5-21-552044328-3225882586-3653238893-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]~[GoogleChromeAutoLaunch_5BD492AB169182D6DBF0E20936CE7D71] : 0x020000000000000000000000
Suppression : [HKU\S-1-5-21-552044328-3225882586-3653238893-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]~[Chromium] : 0x030000008D4A9AAC21EED101

---------- | Dossiers | Fichiers

Suppression : C:\Program Files\Common Files\AV\Spybot - Search and Destroy
Reboot : C:\Program Files (x86)\Spybot - Search & Destroy 2
Suppression : C:\Users\Gabriel\Desktop\A-V\Spybot-S&D Start Center.lnk (.-.)
Suppression : C:\Users\Gabriel\AppData\Local\238010
Suppression : C:\Users\Gabriel\AppData\Local\Chromium
Suppression : C:\Users\Gabriel\Local Settings\{29D97187-140E-4AB1-8B2A-24483713EDF7} (.-.)
Suppression : C:\Users\Gabriel\Local Settings\{5EFC063C-C5A6-4380-B88B-EAF2691F5010} (.-.)
Suppression : C:\Users\Gabriel\Local Settings\{7316EDAF-4B93-4B43-9C9B-7E62438F4EAB} (.-.)
Suppression : C:\Users\Gabriel\Local Settings\{855AED34-0AB9-4B4E-95CF-297417DDF8D3} (.-.)
Suppression : C:\ProgramData\Reprise\wupeogjxldtlfudivq`qsp`26hfm (.-.)
Suppression : C:\ProgramData\Spybot - Search & Destroy
Suppression : C:\Users\Gabriel\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{5ADCBE85-BF79-4D4A-850F-34DCA23AE379}.ico (.-.)
Suppression : C:\Users\Gabriel\AppData\LocalLow\Microsoft\Internet Explorer\Services\winsearch.ico (.-.)
Suppression : C:\Users\Gabriel\AppData\Roaming\Préfs JP2K CS6 (.-.)
Suppression : C:\WINDOWS\System32\AI_RecycleBin
Suppression : C:\Users\Gabriel\AppData\Local\package.nw.new (.-.)
Suppression : C:\Users\Gabriel\AppData\Local\BIT83A2.tmp (.-.)
Suppression : C:\Users\Gabriel\AppData\Local\BIT19D3.tmp (.-.)
Suppression : C:\Users\Gabriel\AppData\Local\BIT124A.tmp (.-.)
Suppression : C:\Users\Gabriel\AppData\Roaming\Yahoo.

---------- | .LNK

---------- | Ouverture extension inconnue

---------- | Proxy

---------- | Internet Explorer

Reparation : [HKU\S-1-5-21-552044328-3225882586-3653238893-1002\SOFTWARE\Microsoft\Internet Explorer\Main]~[Start Page] : https://fr.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset -> https://www.google.com/
Reparation : [HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKU\S-1-5-21-552044328-3225882586-3653238893-1002\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[Enabled] : -> 2
Reparation : [HKU\S-1-5-21-552044328-3225882586-3653238893-1002\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[EnabledV8] : -> 1
Reparation : [HKU\S-1-5-21-552044328-3225882586-3653238893-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonBadCertReceving] : -> 1
Reparation : [HKU\S-1-5-21-552044328-3225882586-3653238893-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonHTTPSToHTTPRedirect] : -> 1
Reparation : [HKU\S-1-5-21-552044328-3225882586-3653238893-1002\SOFTWARE\Microsoft\Internet Explorer\Toolbar]~[Locked] : 1 -> 0

---------- | Yandex : X

---------- | Google Chrome

Suppression : C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Web Data (.-.)
Remis a zero avec succes : SearchURL
Suppression : C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Preferences (.-.)
Remis a zero avec succes : Preferences
Suppression : C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (.-.)
Remis a zero avec succes : Preferences
Suppression : C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = permissions: [ background clipboardRead clipboardWrite notifications unlimitedStorage ]
Suppression : C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\extensions\cgllkjmdafllcidaehjejjhpfkmanmka = description: Protect against data profiling by search engines
Suppression : C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\extensions\daanglpcpkjjlkhcbladppjphglbigam = author: Avast
Suppression : C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\extensions\emhginjpijfggbofeediiojmdlmlkoik = default_title: Avast Passwords
Suppression : C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\extensions\gighmmpiobklfepjocnamgkkbiglidom = js: [ include.postload.js adblock-uiscripts-rightclick_hook.js adblock-notificationoverlay.js ]
Suppression : C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = ids: [ idmofbkcelhplfjnmmdolenpigiiiecc ggedfkijiiammpnbdadhllnehapomdge njjegkblellcjnakomndbaloifhcoccg ]
C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb = : __MSG_5636646071825253269__ - __MSG_8969005060131950570__ - matches:[\u003Call_urls>] - https://clients2.google.com/service/update2/crx
C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx
C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\extensions\coobgpohoikkiipiblmjeljniedjpjpf = : Google & co - http://www.google.com/webhp?source=search_app - Google & co - [*://www.google.com/search*://www.google.com/webhp*://www.google.com/imgres] - http://clients2.google.com/service/update2/crx
C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\extensions\fllaojicojecljbmefodhfapmkghcbnh = : __MSG_gaoptout_description__ - __MSG_gaoptout_name__ - https://clients2.google.com/service/update2/crx
C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\extensions\gcbommkclmclpchllfjekcdonpmejbdp = : __MSG_about_ext_description__ - __MSG_about_ext_name__ - permissions:[webNavigationwebRequestwebRequestBlockingtabscookiesstorage\u003Call_urls>] - http://clients2.google.com/service/update2/crx
C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx
C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\extensions\gomekmidlodglbbmalcneegieacbdmki = : Avast Browser Security and Web Reputation Plugin. - Avast Online Security - matches:[\u003Call_urls>] - https://clients2.google.com/service/update2/crx
C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\extensions\iicapmagmhahddefgokbabbgieiogjop = : Blocks the ”seen” feature of the facebook messenger and your friends will no longer be able to see if you read their messages. - Unseen - permissions:[webRequestwebRequestBlocking*://*.facebook.com/*\u003Call_urls>] - https://clients2.google.com/service/update2/crx
C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\extensions\mlomiejdfkolichcflejclcbmpeaniij = : __MSG_short_description__ - version_name: 7.2.0.25 - https://clients2.google.com/service/update2/crx
C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\extensions\piiokbhpgldooopjdacdondngonfljoc = : Smart. Simple. Beautiful Theme. - __MSG_themeName__ - http://clients2.google.com/service/update2/crx
C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx

---------- | Comodo Dragon : X

---------- | Firefox

Suppression : C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\xmkdtfvb.default\sessionstore.js (.-.)

---------- | SeaMonkey : X

---------- | Pale moon : X

---------- | Opera : X

---------- | Spark : X

---------- | StartMenuInternet

---------- | Javascript

---------- | Firewall

Reparation : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]~[DisableNotifications] : 1 -> 0
Reparation : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]~[DisableNotifications] : 1 -> 0

---------- | ADS

Autre rapport
Analyses : 564491 | Modifications : 9 | Suppressions : 93

---------- |EOF| ---------- | 07:31:36 | [31 Ko]